Oauth2 Advanced Options

OAuth 2 Advanced Options

The advanced options settings for Oauth2 are used to define how the access token should be handled.

OAUth 2 Advanced Options

There are two available settings: how to sending, and how to handle refresh of the access token.

Send Access Token as:

This setting is used when you have

Header: Access token is sent as request header. Example:

Authorization: Bearer rRR0GnTudjuUUGaSt0n

Query: The access token is sent as a query parameter.

Example:

https://www.example.com/a/v1/y/{userId}?access_token=1/rRR0GnTudjuUUGaSt0n

Refresh Access Token:

The default settings is that SoapUI handles refresh tokens automatically and transparently. If you for some reason need tokens to time out, you can set refresh to manual.

Automatic: The refresh token is used automatically.

Manual: The token has to be manually applied.

When refresh access token is set to manual. A refresh button is made available next to the token.

Manual Refresh

To refresh the token, click the refresh button.

Access Token Expiration Time

The request can be set to use the access token expiration time provided from the server.

Expiration Time

Server: The expiration time provided by the authorization server is used.

Custom: The token expires after the set number of seconds, minutes or hours.

Note: By convention, the value "0" indicate that the token will never expire. There is no setting for immediate expiration of the token.